Newsletter

December

Defining an Effective Research Consortium

New England, Massachusetts, and specifically the Greater Boston region are well known for their academic excellence, their industry clusters, and their political clout. Unfortunately, unlike other regions in the U.S. and the world, collaboration to build a focused regional brand has fallen short – most notably in the areas of cybersecurity research and development. Despite a collection of some of the globe’s most coveted assets, there is no current umbrella unit to pool resources from university, industry, and government. Until now.

Feature Story

October

What is "Reasonable" in Cybersecurity

Cybersecurity has quickly evolved from an IT issue to a business issue to now a legal issue. As recent as this week, legal actions by the FTC and SEC are holding organizations accountable for security breaches citing relaxed cybersecurity practices. Colin Zick, partner at Foley Hoag comments on lessons learned from the rulings and suggests that organizations revisit the most basic principles that comprise every data privacy and security program.

Feature Story

May

The Impact of Federal Cybersecurity

Next month on June 2, The Advanced Cyber Security Center will convene cybersecurity thought leaders at State Street Corporation to explore the landscape of national cyber intelligence. Featured in one of the panels, Jon Oltsik from ESG was interviewed by ACSC in regards to recent ESG research concluding that critical infrastructure organizations want more cybersecurity help from Washington. This month, we asked Mr. Oltsik about the role of the federal government in cyber training and cyber intelligence.

Feature Story

April

Burning Glass's Stephen Lynch on CyberSecurity Jobs Supply & Demand

Cybersecurity jobs are growing at a rate three times faster than other IT jobs. With unique and evolving skills sets, these jobs are hard to fill according to employers looking to boost their security posture. Lynch outlines the challenges in training and developing cyber talent as well as the opportunities for universities and industry to work together to build a talent pipeline that meets agile market needs.

Feature Story

Cyber Tip

Lawrence Wilson, Information Security Lead, University of Massachusetts

Cybersecurity includes one of the fastest growing job markets with a growth rate two times faster than all IT jobs. Developing a pipeline of talented cybersecurity professionals with the required skills is the topic of the ACSC's upcoming Cyber Exchange Forum on April 14 at UMASS Lowell. What skills are actually in demand?

Read More

Latest News

September 21, 2016
Opinion: For the sake of privacy, pardon Snowden
While Edward Snowden's leaks damaged US national security, the disclosures also led to crucial surveillance reforms. A pardon would signal to the world the US has learned from its mistakes and respects internet freedom, privacy, and human rights.

August 3, 2016
Homeland Security chief weighs plan to protect voting from hackers
Secretary of Homeland Security Jeh Johnson said he's considering whether to designate the US election system as critical infrastructure, which could trigger greater cybersecurity at the ballot box.

July 12, 2016
White House releases federal cybersecurity workforce strategy
The government is putting additional weight behind recruiting and retaining talent for information security jobs.

April 4, 2016
Cybersecurity spending: more does not necessarily mean better
Cybersecurity budgeting should start with a holistic and comprehensive risk assessment. Once all threats and vulnerabilities are listed and prioritized, companies can proceed to properly managed RFP to select right security controls. A security control shall assure appropriate, efficient and continuous risk mitigation in accordance to corporate risk strategy and risk appetite. However, in reality things happen in much different and less effective way.

March 24, 2016
Small banks face the greatest risk from hackers
Cyberattacks on the country’s largest banks, from JPMorgan Chase & Co. to Bank of America Corp., grab the headlines. But the Federal Reserve Bank of Boston and other regulators worry that smaller banks, with less robust cybersecurity, provide easier targets for criminals, terrorists, and foreign states seeking to infiltrate the US financial system.

January 29, 2016
FDA outlines cybersecurity recommendations for medical device manufacturers
The U.S. Food and Drug Administration today issued a draft guidance outlining important steps medical device manufacturers should take to continually address cybersecurity risks to keep patients safe and better protect the public health. From 1/15/16

January 28, 2016
Ben Carson’s Cybersecurity Plan Is Terrible. But At Least He Has One.
It’s old news by now that Republican presidential candidate Ben Carson—despite his medical degree—has a tenuous relationship with science. So I didn’t exactly have great expectations for his campaign’s cybersecurity plan, modestly titled “Prescription for Winning the 21st Century Cyberspace Race.” To be honest, I wasn’t expecting a dedicated cybersecurity plan at all, much less an op-ed dedicated to the topic by Carson in Re/code this week.

January 27, 2016
Bank of America's Unlimited Cybersecurity Budget Sums Up Spending Plans In A War Against Hackers
The U.S. federal government, big banks, and big businesses are spending big bucks in a war against hackers and cyber criminals.

January 26, 2016
8 tips for recruiting cybersecurity talent
Finding cybersecurity talent isn't easy, but it's even harder if you use the same methods that work for other IT talent specialties. Here's how to get it right.

January 25, 2016
Brown to offer Executive Master in Cybersecurity
Brown University’s School of Professional Studies announces a new 16-month program leading to an Executive Master in Cybersecurity degree. Enrollment is underway for the fall session of the new degree program, created for individuals with five to 15 years of managerial experience and responsibility for information security.

January 22, 2016
Feds bankroll $4.2M UMass program for cybersecurity training
Cybersecurity is one of the hottest fields in technology. And that means there’s plenty of competition for bright young people with the right skills. Government agencies are trying to improve their recruitment of these in-demand graduates by bankrolling scholarships for digital security students, including a new program at UMass Amherst. The $4.2 million grant-funded initiative will help train up to 28 students in cybersecurity at the school for two years each, beginning this fall.

December 18, 2015
Obama to sign cybersecurity bill as privacy advocates fume
President Barack Obama is set to sign the most substantial piece of cybersecurity legislation in years, after an intense sprint of 24/7 negotiations managed to get the bill ready in time to be attached to the government spending measure the House and Senate approved Friday.

December 17, 2015
Validating Supply Chain Cybersecurity
How to identify risks, understand downstream effects, and prepare for incidents.

December 16, 2015
Former national security officials urge government to embrace rise of encryption
A number of former senior national security officials are urging that the government embrace the move to strong encryption by tech companies — even if it means law enforcement will be unable to monitor some phone calls and text messages in terrorism and criminal investigations.

December 15, 2015
Major cyber bill expected in omnibus
A major cybersecurity bill will likely be included in a sweeping omnibus spending deal expected late Tuesday night, according to multiple people with knowledge of the talks.

December 14, 2015
Twitter begins warning users of attacks from state-sponsored hackers
Twitter has begun notifying account holders who the company believes are being targeted by state-sponsored hackers, following in the footsteps of Google and Facebook as government-hired cyber spies continue to set their sights on social media.

December 11, 2015
Anonymous launches operation against Trump
The activist hacking group Anonymous has selected Donald Trump as its latest target in the wake of the GOP presidential candidate's proposal to ban Muslims from entering the U.S.

December 10, 2015
The human factor in cybersecurity: 5 key thoughts
Though often discussed in highly technical terms, cybersecurity and safeguarding patient data are arguably more human-centric than anything. The root cause of breaches is usually human error — an employee who falls for a phishing scam or shares a password, for example. Research from IBM shows 95 percent of all security incidents involve human error.

December 9, 2015
Survey: Agencies love the NIST cybersecurity framework
Both the public and private sector are finding the guide to be a vital tool.

December 8, 2015
Tech sector denounces bill requiring firms report terrorist activity
In the wake of terrorist attacks in California and Paris, Sens. Dianne Feinstein and Richard Burr are reviving a controversial proposal requiring social media sites report terrorist activity to federal authorities.

December 7, 2015
Clone of Want job security? Try cybersecurity
Even as employers added 211,000 jobs in November, prospective employees still have trouble finding jobs — unless you work in cybersecurity. That is one field where the demand for workers routinely outpaces applicants.

December 7, 2015
Want job security? Try cybersecurity
Even as employers added 211,000 jobs in November, prospective employees still have trouble finding jobs — unless you work in cybersecurity. That is one field where the demand for workers routinely outpaces applicants.

December 4, 2015
Lockheed Martin Corp. To Exit Cybersecurity, Double-Down On Helicopters And Combat Jets
Lockheed Martin Corp. has been planning to sell off or spin off its roughly $4 billion government information technology business since earlier this year. That would include its Cybersecurity unit.

December 3, 2015
Hotline Bling: China, U.S. Work to Further Cybersecurity Pact
The two countries aim to set up a ‘hotline mechanism’ for cybersecurity concerns and are taking other steps to discourage criminal hacking.

December 2, 2015
Cyber security market to grow big time
The global healthcare cybersecurity market is expected to exceed $10 million by 2022. To be exact, a new report pegs the market at $10,848.87 million in U.S. dollars.

December 1, 2015
New cybersecurity bills would add more secrecy for companies under public records laws
A proposed law meant to encourage companies to share information about cyberthreats with the U.S. government includes measures that could significantly limit what details, if any, the public can review about the program through federal and state public records laws.

November 30, 2015
How to improve international cyber-security
THE VAST stores of digital information generated by everyday lives—communications data, CCTV footage, credit-card records and much more—are now yielding invaluable clues about the terrorist attacks in Paris and are helping guide the hunt for the surviving plotters. But prevention is better than cure. The attacks have highlighted the failure of the authorities to share information across borders and agencies. How can this be improved?

November 27, 2015
Beware Black Friday Shoppers: New Malware Targeting POS Systems Discovered
Cybersecurity company iSight has discovered a new malware virus that is able to entrench itself so deeply into point-of-sale systems that it will be overlooked by most antivirus software. The firm states that the new form of attack is the most advanced that it has ever seen.

November 25, 2015
Getting started with a career in cybersecurity
With the ongoing and seemingly never-ending flood of cyberattacks, companies and governments the world over need experienced, skilled professionals to protect, defend, and strike back. But how do you get into the lucrative cybersecurity career? David Gewirtz has some advice.

November 24, 2015
How Lockheed Martin, Cisco and PWC manage cybersecurity
Forget systems … it’s your own people who are your greatest security threats. Luckily, and with training, they can also be your first line of defense.

November 23, 2015
Microsoft CEO takes a collaborative approach to cybersecurity
Microsoft CEO Nadella talks of company's role in an ‘ecosystem,’ saying partnerships and top-to-bottom protection and detection critical to battle emerging security threats.

November 20, 2015
State Dept. cybersecurity still lagging, audit finds
The State Department is not meeting federal information security requirements, potentially endangering the sensitive data it protects, according to an audit commissioned by the agency’s inspector general.

November 19, 2015
Cybersecurity Lessons Learned from the 9/11 Commission Report
Organizations must move beyond misaligned goals, poor collaboration, and organizational intransigence that hamper cybersecurity efforts at enterprise organizations.

November 18, 2015
Benchmark surveys: GCs, executives not prepared to defend against cyberbreaches - key protective steps
Although cybersecurity has become a more prominent issue for executives and boards of directors, three recent benchmark surveys − the BDO Board Survey, the 2015 Consero Group’s General Counsel Data Survey, and the 2015 US State of Cybercrime Survey − indicate that a number of cyber-preparedness gaps remain.

November 17, 2015
Closing the cybersecurity talent gap, one woman at a time
The severe shortage of cybersecurity talent is leaving the U.S. vulnerable to attacks. Women, in particular, are key to closing the security skills gap.

November 16, 2015
A Cybersecurity Generation Gap
Millennials--especially young women--not pursuing careers in cybersecurity due to lack of both awareness and interest.

November 15, 2015 ACSC
Two winners announced for the ACSC Cybersecurity Poster Session
Attendees of the ACSC Annual Conference voted for the top two student innovations presented during the ACSC Cybersecurity Poster Session

November 13, 2015
Cybersecurity Questions Anderson Cooper And Megyn Kelly Should Ask The Presidential Candidates
Here’s a call out to Cooper and Kelly – two the most popular media figures covering the Republican and Democratic front runners: Get the candidates talking about cybersecurity.

November 12, 2015
Cybersecurity: A Millisecond Defense
From access to activation, we pass through multiple digital ecosystems with devices that can be used to hack unrelated digital system processes in a millisecond.

November 11, 2015
Cyber vigilantes flex growing power
Activist hackers -- so-called hacktivists -- are getting harder to differentiate from more serious threats such as terrorist groups and nation-state cyber warriors, security researchers say.

November 10, 2015
Financial regulators weigh cybersecurity requirements
New York regulators are considering a host of cybersecurity requirements for banks and insurers and urged other state and federal authorities to collaborate on establishing a framework of defenses for the financial sector.

November 9, 2015
Know Thy Enemy. Hire a Hacker to Enhance Your Cybersecurity.
If your cybersecurity strategy isn’t up to snuff, you could be exposing your business to financial ruin.

November 6, 2015 ACSC
Same Rhetoric Permeates Going Dark Encryption Debate
The Going Dark encryption debate surfaced again on Wednesday at a small security conference here, and as in previous iterations before larger technical audiences and even Congress, the issue continues to spin on a hamster wheel going nowhere.

November 5, 2015 ACSC
Threat information without context is useless
On Wednesday, I attended an interesting panel on operationalizing threat intelligence at the Advanced Cyber Security Center conference held in Boston every year

November 4, 2015
The Biggest Cybersecurity Threat: The Energy Sector
Cybersecurity has been at the forefront of the news for several years. Coverage of the space usually focuses on a breach at a consumer-facing company, resulting in people’s credit cards, bank and personal records being stolen.

November 3, 2015
Experian Study on Data Breaches Reveals Gaps in Response Plans
While an increasing number of companies have a basic data breach response plan in place, many plans do not cover important steps and executives lack confidence in their ability to manage a major breach, according to a new study.

November 2, 2015
Data Privacy: The Next Big Lawsuit Bonanza
You’ve got to give the trial bar credit for being innovative. It has opened up a new frontier in the litigation sweepstakes—data privacy.

October 30, 2015
White House Details Plan to Bring Feds' Cybersecurity Up to Date
The White House announced plans on Friday to modernize the federal government's out-of-date cybersecurity practices. Work has been underway for much of the Obama administration, but the Office of Personnel Management hack reported in June must have made it abundantly clear that things weren't progressing fast enough.

October 29, 2015
The Problems Experts And Privacy Advocates Have With The Senate's Cybersecurity Bill
It took more than four years for the Senate to pass a cybersecurity bill. As the legislation grew stale amid compromise and contention on the Senate floor over the years, hackers continued to refine their criminal craft and develop more sophisticated methods of attack.

October 28, 2015
A Quick Guide to the Cybersecurity Bill Passed by the U.S. Senate
Yesterday, after more than a year of bickering, stalling and revising, the Senate passed its most significant cybersecurity bill to date 74–21.

October 27, 2015
7 Ways This Cybersecurity Expert Wants You to Protect Yourself Against Hackers
Here are seven tips from Michael Kaiser, executive director of the National Cyber Security Alliance, to help you protect yourself and your private information.

October 26, 2015
Senate cybersecurity bill misses the mark
Over the past few years, the federal government and big corporations, including Sony and Target, have been hit by massive data breaches, a chilling reminder of the severity and scope of cybersecurity threats.

October 23, 2015
Building Tomorrow’s Cybersecurity Workforce
Many companies need technology upgrades but are "starving" for the cash necessary to upgrade critical systems. That's the message from the author of a new study sponsored by the Georgia Tech Information Security Center.

October 22, 2015
Cybersecurity bill advances in Senate, but hurdles remain
Many companies need technology upgrades but are "starving" for the cash necessary to upgrade critical systems. That's the message from the author of a new study sponsored by the Georgia Tech Information Security Center.

October 21, 2015
CIOs reporting directly to CFOs can create massive cybersecurity headaches
Many companies need technology upgrades but are "starving" for the cash necessary to upgrade critical systems. That's the message from the author of a new study sponsored by the Georgia Tech Information Security Center.

October 20, 2015
Senate considers controversial cyber security bill
The U.S. Senate on Tuesday began debating a long-delayed bill that would make it easier for corporations to share information about cyber attacks with each other or the government without concern about lawsuits.

October 19, 2015
Cybersecurity Firm Says Chinese Hackers Keep Attacking U.S. Companies
It was heralded as the first concrete step taken by the United States and China on the thorny issue of online espionage.

October 16, 2015
A crackdown is coming on firms with lax cybersecurity
Financial firms that have lax cybersecurity practices can expect a crackdown from regulators, the head of the Securities and Exchange Commission’s enforcement unit said Friday.

October 15, 2015
SBA Unveils Small Business Cybersecurity Tools
In honor of October's designation as National Cybersecurity Awareness Month, the U.S. Small Business Administration (SBA) has unveiled a new Web page dedicated to promoting cybersecurity for small businesses.

October 14, 2015
Federally funded education programs aren't effectively closing the cybersecurity skills gap, says panel
Some federally managed university education programs focused on cybersecurity cannot, in their current state, address the skills gap for operational cyber defense talent in the federal government, according to a report.

October 13, 2015
Officials: Be specific about cybersecurity during acquisition
The administration has been pushing agencies to include more cybersecurity language in contracts, specifically in citing control standards like those advanced by the National Institute of Standards and Technology.

October 12, 2015
Cybersecurity Insurance: 4 Practical Considerations
There can't be reliable cybersecurity insurance until companies can identify who is responsible for the continuous exploitation of stolen data, long-lasting attacks, and hardly-detectable APTs.

October 9, 2015
Dell Files Confidentially for IPO of Cybersecurity Unit SecureWorks
SecureWorks could begin trading by year-end and may be worth as much as $2 billion

October 8, 2015
Cybersecurity education report aims to address student 'confusion'
According to the report, government can do more to explain and streamline different programs and scholarships available to students who want cyber skills.Tuesday, the Department of Homeland Security (DHS) Cybersecurity Strategy Act of 2015 (HR 3510) passed the House of Representatives which would direct the Secretary of the Department of Homeland Security to develop a departmental strategy to carry out cybersecurity responsibilities as set forth in law.

October 7, 2015
Important Cybersecurity Strategy Bill Passes House
Tuesday, the Department of Homeland Security (DHS) Cybersecurity Strategy Act of 2015 (HR 3510) passed the House of Representatives which would direct the Secretary of the Department of Homeland Security to develop a departmental strategy to carry out cybersecurity responsibilities as set forth in law.

October 6, 2015
Cybersecurity information-sharing bill to get Senate vote in October
The Senate is expected to take up a bipartisan cybersecurity bill later this month aimed at thwarting more massive hack attacks against the federal government and American companies, the bill's lead sponsors announced Tuesday.

October 5, 2015
Krebs: Most Firms Fail to Take Simple Cybersecurity Measures
Reports show federal agencies are unprepared for hackers and pending legislation won't help much.

October 4, 2015
What Comes After Cybersecurity Awareness?
Last year, for National Cybersecurity Awareness Month, we asked whether 2014 would be the year cybersecurity finally sinks in.

October 2, 2015
Government Is the Biggest Cybersecurity Threat
Reports show federal agencies are unprepared for hackers and pending legislation won't help much.

October 1, 2015
Happy Cybersecurity Awareness Month?
Well intended effort only calls attention to pervasive cybersecurity ignorance throughout society

September 30, 2015
GAO report sheds light on federal agencies' cybersecurity flaws
A U.S. Government Accountability Office report released Tuesday revealed that federal agencies are struggling to implement effective cybersecurity measures and policies, a notion that will surprise few.

September 29, 2015
Defense, Intel Leaders: Cybersecurity Priorities are Defense, Deterrence
Top officials from the Defense Department and the intelligence community told a Senate panel that defense and deterrence are two of the highest priorities for bolstering the nation’s cybersecurity capabilities. Deputy Defense Secretary Bob Work testified on cybersecurity policy and threats before the Senate Armed Services Committee, Sept. 29, 2015. Joining him were Director of National Intelligence James R. Clapper and Navy Adm. Mike Rogers, commander of U.S. Cyber Command and director of the National Security Agency.

September 28, 2015
Gender gap widens in cyber security field long dominated by men
Women account for just one out of 10 cyber security professionals, as the gender gap widened over two years in a male-dominated field with a drastic workforce shortage, a survey showed.

September 25, 2015
US reaches economic cybersecurity agreement with China
oday, President Obama, appearing with Chinese President Xi Jinping, announced that the United States and China had reached an agreement to curb "cyber-enabled theft of intellectual property" between the two countries

September 24, 2015
Cybersecurity Stocks: Which Is the Best?
FireEye (FEYE), Palo Alto Networks (PANW) and Cyberark Software (CYBR) are all providers of advanced cybersecurity products. While each company provides a vast array of services, each company also has a niche that defines it.

September 23, 2015
Cybersecurity legislation still draws intense opposition
Efforts to craft legislation that would promote sharing cyberthreat information between the private sector and government – without jeopardizing privacy, civil liberties and leaving organizations vulnerable to liability – isn’t there yet, according to critics.

September 22, 2015
SEC goes after investment adviser for poor cybersecurity
The Securities and Exchange Commission (SEC) settled charges Tuesday with an investment adviser that allegedly failed to properly protect its clients’ data in what might be a first-of-its-kind enforcement action.

September 21, 2015
Apple removes malicious apps after security breach
Apple Inc. has removed some applications from its App Store after developers in China were tricked into using software tools that added malicious code in an unusual security breach.

September 18, 2015
Cybersecurity Demands Culture Change, DoD Official Says
A change in culture is needed to protect against threats in the rapidly changing cyber domain, the Defense Department's chief information officer said here yesterday.

September 17, 2015
How to Pass a Cybersecurity Audit in 10 Steps
With data breaches becoming an unfortunate everyday occurrence, cybersecurity is no longer just an IT issue. Legal departments, which have a need to protect sensitive information, such as employees’ and clients’ personally identifiable information and nonpublic corporate information, are increasingly becoming involved in data security issues as the universe of risk exposure expands.

September 16, 2015
Jeb Bush unveils cybersecurity plan
Two days before the second Republican debate, Jeb Bush unveiled a cybersecurity plan Monday that he cast partly in terms of economics.

September 15, 2015
Ex-Spies Join Cybersecurity Fight
Firms turn to cloak-and-dagger tactics to infiltrate hacker groups and pre-empt attacks

September 14, 2015
US, China conclude cybersecurity discussions
Senior U.S. and Chinese officials wrapped up four days of meetings on cybersecurity over the weekend, Reuters reports.

September 11, 2015
Where Next for Government Cybersecurity?
On the 14th anniversary of 9/11/01, there are plenty of reasons to be thankful regarding public safety in America. And yet, there is also a growing list of cyber threats that are grabbing news headlines.

September 10, 2015
Insurance requirements can drive stronger cybersecurity, Treasury official says
The insurance industry has a key role to play in helping U.S. companies strengthen cybersecurity, a senior Treasury Department official said Thursday.

September 9, 2015
Opinion: On cybersecurity info sharing, it’s the medium not the message
If Congress succeeds in pushing through CISA, neither the bill in its current form – nor any of the amendments – will do much to increase the effectiveness or timeliness of cybersecurity information sharing.

September 8, 2015
U.S. Senator Says Nation Is 'On Point' with Cybersecurity
Although recent cyberattacks have affected U.S. agencies, one Congressman believes that the Army Cyber Command is completely prepared to take on any future hacks.

September 7, 2015
Kaspersky And FireEye Security Products Cracked By Researchers
A security researcher at Google made public the fact he had cracked Kaspersky’s anti-virus product before revealing the details to the Russian company.

September 3, 2015
The word for 2015: "Cybersecurity"
In the age of the mega-hack, a cyber protection industry percolates.

September 2, 2015
States taking steps to bolster cybersecurity
Two governors this week took executive action to improve their states’ cybersecurity defenses.

September 1, 2015
Do boards of directors actually care about cybersecurity?
Survey says business leaders probably don’t care as much about cybersecurity as they say they do

August 31, 2015
GSA Seeks Industry Input on Cybersecurity Schedule Offerings
Earlier this month, the U.S. General Services Administration (GSA) issued a Request for Information (RFI) soliciting feedback from industry on ways to improve the sale of Cybersecurity and Information Assurance (CyberIA) products and services through GSA’s multi-billion dollar Information Technology (IT) Schedule 70. - See more at: http://www.natlawreview.com/article/gsa-seeks-industry-input-cybersecurity-schedule-offerings#sthash.dYH6Y8vn.dpuf

August 28, 2015
Court ruling leads to fears of FTC litigation on cybersecurity
Industry groups are worried that an appeals court ruling giving the Federal Trade Commission permission to sue for shoddy cybersecurity will result in overregulation.

August 27, 2015
Military leaders warn U.S. is falling behind in cybersecurity
The United States is at risk of falling behind its enemies in the field of cybersecurity, military leaders said this week.

August 26, 2015
The 22 Amendments That Could Determine the Fate of the Senate's Cybersecurity Bill
After a brief but heated battle, senators packed up for summer recess early this month without voting on a key cybersecurity bill. In announcing that the bill's consideration would be delayed, Majority Leader Mitch McConnell lined up 22 amendments that will get a vote when the bill comes up again in the fall, a product of intense negotiations over the bill's fate.The latest research from MarketResearch.com forecasts the global cybersecurity market to jump from $106.32 billion in 2015 to $170.21 billion by 2020.

August 25, 2015
Cybersecurity Market Expected To Lock Down $170B
The latest research from MarketResearch.com forecasts the global cybersecurity market to jump from $106.32 billion in 2015 to $170.21 billion by 2020.

August 24, 2015
With a Major Cybersecurity Job Shortage, We Must Act Like We Are at War
Recently, the Internal Revenue Service revealed the data breach that happened in May via the agency’s “Get Transcript” program affected three times as many users as originally reported -- 334,000 accounts in all.

August 21, 2015
Survey Roundup: Execs Lack Confidence in Cybersecurity Plans
A survey of 100 security executives by Raytheon Cyber Products/Websense found 63% of respondents said their organization had suffered one or two breaches in the past year.

August 20, 2015
White House cybersecurity czar: Threat awareness has improved, but protection hasn't
Federal agencies are increasingly engaged in cybersecurity issues and understand they have something to protect, said the White House's cybersecurity czar, but he added that most agencies, like their private-sector counterparts, are not protecting themselves as well as they should.

August 19, 2015
Cybersecurity IPOs: two biggies to report... for now
Rapid7 and Sophos go IPO while many cybersecurity firms pursue M&A and investments.

August 18, 2015
Gaming Industry Seek Tougher Federal Cybersecurity Policies
Cyberscecurity is a growing concern after a number of large companies lost customer data during breaches in recent years.

August 17, 2015
Defense Spending Red Tape Endangers Cybersecurity
The Navy is using Windows XP because complicated spending rules have prevented a better upgrade.

July 10, 2015
The Dinosaurs Of Cybersecurity Are Planes, Power Grids And Hospitals
As we continue down the path toward complete connectivity — in which all devices, appliances and networks connect to each other and the Internet — it is evident that much of our longstanding technology can no longer keep up.

July 9, 2015
DHS Secretary: 'Federal Cybersecurity Is Not Where It Needs To Be'
Department of Homeland Security Secretary Jeh Johnson on Wednesday reaffirmed his goal to make the latest version of a cybersecurity intrusion detection and prevention platform -- known as EINSTEIN 3A -- available to all federal civilian agencies by the end of 2015

July 8, 2015
Steven LaFountain: Working to increase the cybersecurity talent pipeline
This summer, approximately 1,300 middle and high school students plus a number of K-12 teachers will attend cybersecurity camps at universities in 18 states, learning about online threats, basic cyber defenses and the ethics of operating in the virtual world.

July 7, 2015
New Cybersecurity Council backs info sharing legislation
Information sharing legislation has stalled in the Senate but that hasn't stopped government and industry from collaborating on cybersecurity issues.

July 6, 2015
When hackers get hacked: Hacking Team falls prey to hack attack.
Emails, passwords, and client lists were dumped online over the weekend as controversial Italian company Hacking Team found itself victim of a massive hack.

July 3, 2015
Cybersecurity legislation only a partial solution
The shocking truth is that only about 6 percent of healthcare data breaches to date are the work of hackers.

July 2, 2015
GAO sees room for improvement in bank cyber security exams
U.S. banking regulators must hire and train more examiners with technology expertise so they can give more useful cyber security recommendations to small and mid-sized banks, a federal watchdog agency has warned.

July 1, 2015
Doctors See Big Cybersecurity Risks, Compliance as Key for Hospitals
Cybersecurity and healthcare IT are both burgeoning areas of business. Put them together and you have a volatile mix of emerging technologies, security and privacy risks, and regulatory requirements—but also a lot of opportunity for growth and improvements.

June 30, 2015
When It Comes to Cybersecurity, Millennials Throw Caution to the Wind
Studies show young adults' risky online behaviors leave them more prone to cyber threats.

June 29, 2015
New tactics for improving critical infrastructure cybersecurity pushed by MIT consortium
The MIT Sloan School of Management has launched a consortium that touts interdisciplinary research and cooperation as keys to improving cybersecurity.

June 26, 2015
CIOs seek cybersecurity solutions, bigger voice in C-suite
Tech chiefs come together to sift through security issues, ranging from cybersecurity to budgets to CISO roles.

June 25, 2015
Military Branches Assemble to Break Ground on National Cybersecurity Strategy
The nation's best defense in cyberspace involves not only the military but private citizens and corporations, top security planners said in a closed-door meeting at the U.S. Army War College.

June 24, 2015
Officials Masked Severity Of Hack
OPM definition of hack allowed administration to initially deny security records were stolen; FBI suspects China was behind breach

June 24, 2015
Why Most Cybersecurity Activity Happens Outside the CISO’s Office
Most corporate cybersecurity efforts happen outside the official security department, says James Kaplan, a partner at McKinsey & Co. and co-author of “Beyond Cybersecurity: Protecting Your Digital Business.” Critical cybersecurity work touches all areas of a company, including risk management and application development, Mr. Kaplan said. He stopped by The Wall Street Journal’s office to discuss the current state of cybersecurity and how it can be more effective.

June 23, 2015
China says up to United States to resume cyber security talks
It is up to the United States to create conditions to resume regular talks on cyber security, China's foreign ministry said on Tuesday, as the two countries began three days of high-level meetings in Washington.

June 22, 2015
Money hasn't solved all our cybersecurity problems
Video report of expenditures by government and by private sectors.

June 19, 2015
This terrifying chart explains why cybersecurity is such a big problem for the government
The massive breach of Office of Personnel Management systems that compromised the personal data of millions of Americans is still making headlines. But behind those headlines is a much bigger story about the government's systematic failure to protect itself from cybersecurity risks that have expanded at an alarming rate.

June 18, 2015
Breach Defense Playbook, Part 4: Reviewing Your Cybersecurity Program
Most organizations are involved in a cyclical process of enhancing their cybersecurity posture focused around their sensitive data and processes. While enhancement involves roadmaps and milestones, a key element should also be evaluating your cybersecurity people, processes, and technology with the purpose of making transitional changes from a current state to a more secure future state.

June 17, 2015
Federal CIO says 'digitization of everything' will help enhance cybersecurity across government
The federal government's top technology official said June 15 that "the digitization of everything" will help accelerate a new technological model that infuses cybersecurity as a core component.

June 16, 2015
Cybersecurity stocks hit high; Goldman sees more
Cybersecurity stocks surged to an all-time high Friday as the U.S. government continues to investigate the possibility that Social Security numbers for every federal employee were stolen by hackers.

June 15, 2015
Feds on '30-day sprint' to better cybersecurity
As news of the full scope of the breach of Office of Management and Budget systems emerges, Federal CIO Tony Scott launched a government-wide Cybersecurity Sprint on June 12, giving agencies 30 days to shore up their systems.

June 12, 2015
Senate Rejects Measure to Strengthen Cybersecurity
On the heels of a vast breach of the personal information of federal employees, the Senate failed Thursday to advance a cybersecurity measure, the third time in three years that a bipartisan effort to tackle the problem has fallen victim to procedural actions.

June 11, 2015
Kaspersky Lab cybersecurity firm is hacked
Kaspersky Lab said it believed the attack was designed to spy on its newest technologies. It said the intrusion involved up to three previously unknown techniques. The Russian firm added that it was continuing to carry out checks, but believed it had detected the intrusion at an early stage. Although it acknowledged that the attackers had managed to access some of its files, it said that the data it had seen was "in no way critical to the operation" of its products.

June 10, 2015
Mitch McConnell tries to turn the tables on Dems with cyber bill
Senate Majority Leader Mitch McConnell is firing back at Senate Democrats’ procedural threats — by daring them to oppose a cybersecurity bill just days after a massive attack on the federal government’s computer systems was revealed. On Tuesday, McConnell announced his strategy to link the cybersecurity measure to a sweeping defense policy bill that’s now on the Senate floor. That could make it harder for Democrats to oppose the underlying bill, which they say uses a budget gimmick to boost defense funding.

June 9, 2015
Obama: U.S. Cybersecurity Problems Will Get Worse
The U.S. government has long known about its cybersecurity vulnerabilities, and the problem is only getting worse, President Barack Obama said Monday. "We have known for a long time that there are significant vulnerabilities, and that these vulnerabilities are going to accelerate as time goes by, both in systems within government and within the private sector," Obama said at news conference from the Group of Seven summit in Germany.

June 8, 2015
HackerOne turns hacking into legitimate, lucrative work
In 2011, two Dutch hackers in their early 20s made a target list of 100 high-tech companies they would try to hack. They found security vulnerabilities in Facebook, Google, Apple, Microsoft, Twitter, and 95 other companies’ systems. They called their list the Hack 100. When they alerted executives of those companies, about a third ignored them. Another third thanked them, curtly, but never fixed the flaws, while the rest raced to solve their issues. Thankfully for the young hackers, no one called the police.

June 5, 2015
US believes China behind cybersecurity breach affecting at least 4M federal employees
Hackers based in China are believed to be behind a massive data breach that could have compromised the personal data of at least 4 million current and former federal employees, U.S. officials said late Thursday.

June 4, 2015
Boston cybersecurity teams win a spot in Highland Capital’s pilot accelerator
Earlier this year, Highland Capital announced that in addition to hosting its competitive Summer@Highland accelerator in San Francisco this summer, it would also partner with a pair of MIT PhD students to launch a pilot accelerator in its Cambridge office specializing in cybersecurity startups. The program, Cybersecurity Factory, is being organized by Jean Yang and Frank Wang, and has just announced the two winning teams, both of which are Boston-based companies working on cloud encryption technology.

June 3, 2015
OVERNIGHT CYBERSECURITY: Senate finally passes NSA reform
It's finally over. The Senate on Tuesday sent legislation reforming the nation's surveillance laws to President Obama's desk. The 67-32 vote for the USA Freedom Act came more than 36 hours after three parts of the Patriot Act expired, forcing the National Security Agency (NSA) to wind down its bulk collection of U.S. phone data. The bill will essentially end the phone data collection program altogether.

June 2, 2015
The Power And Problem Of Privilege In Cybersecurity
All identities are not created equal. There are regular users. And then there are superusers, people who wield far greater access and privilege in the organization’s IT environment.

June 1, 2015
DoD slow to implement new rules on cybersecurity breaches
It's now been almost two years since the Defense Department issued a final rule requiring contractors to inform the government when their systems have been involved in cybersecurity breaches and that government technical data has been stolen.

May 29, 2015
NYSE and Veracode Reveal Surprising Results From Board Cybersecurity Survey
66% Are Not Confident Their Companies Are Properly Secured Against Cyberattacks

May 28, 2015
China cybersecurity plan aims to protect state secrets: official paper
China will prepare a five-year cybersecurity plan to protect state secrets and data, the official China Daily said on Thursday, citing a senior official of the Ministry of Industry and Information Technology.

May 27, 2015
A growing threat: Car hacking
A string of high-profile hacks — the most recent on President Obama’s personal email account — have made cybercrime an ever-growing concern in the United States. Despite the publicity, most people still think of hacking as something which is done only to information systems like computers and mobile devices. In reality, hacking is no longer confined to the information world. The level of automation in modern physical systems means that even everyday automobiles are now vulnerable to hacking.

May 26, 2015
What the security industry can learn from the World Health Organization
The discovery of computer bugs can be marketing boons for cybersecurity firms. But one critic says the industry should take a page from the health profession and select names for flaws that aren't designed to stoke fear or generate buzz.

May 25, 2015
Division of Investment Management Issues Cybersecurity Guidance-- Securities and Exchange Commission
On April 28, 2015, the staff of the Division of Investment Management of the SEC published a Guidance Update addressing cybersecurity risks and the need for funds and advisers to protect confidential and sensitive information concerning fund investors and advisory clients.

May 22, 2015
IEEE Cybersecurity Initiative Releases “Building Code for Medical Device Software Security”
IEEE, the world's largest professional organization dedicated to advancing technology for humanity, today announced the release of Building Code for Medical Device Software Security, a set of guidelines to help companies establish a secure baseline for software development and production practices of medical devices. Authored by leading security research scientists Tom Haigh and Carl Landwehr, Building Code for Medical Device Software Security provides the blueprint to reduce or eliminate vulnerabilities that adversaries can exploit to gain access to medical devices.

May 21, 2015
DoJ Calls On Private Sector to Strengthen Cybersecurity
The U.S. Department of Justice is stepping up its program to engage more actively with the private sector on dealing with cybercrime and cybersecurity breaches.

May 20, 2015
Toward Omniscient Cybersecurity Systems
CISOs need an all-knowing central system to truly address their cybersecurity monitoring, diagnostics, and operations need

May 19, 2015
CyberFed Encourages Women to Become more Involved in Cybersecurity
Men have long dominated the technology industry and the Cybersecurity Competition Federation (CyberFed) seeks to close that gender gap. To educate and inspire women to participate in cybersecurity competitions, CyberFed produces The CyberFed Show to showcase more women in the cybersecurity sector.

May 18, 2015
Inflated Cybersecurity Threat Escalates US-China Mistrust
The rhetorical spiral of mistrust in the Sino-American relationship threatens to undermine the mutual benefits of the information revolution. Fears about the paralysis of the United States' digital infrastructure or the hemorrhage of its competitive advantage are exaggerated. Policymakers in the United States often portray China as posing a serious cybersecurity threat. In 2013 U.S. National Security Adviser Tom Donilon stated that Chinese cyber intrusions not only endanger national security but also threaten U.S. firms with the loss of competitive advantage.

May 15, 2015
What is ‘cybersecurity law’?
Cybersecurity has become a big deal. Corporations have begun to worry about cybersecurity risks. In response, some major law firms have recently established or significantly bolstered practice groups in cybersecurity law. If you look closely, though, there isn’t much clarity about what ‘cybersecurity law’ actually means. In this post, I thought I would explain what I think of as the field of cybersecurity law.

May 14, 2015
For hackers, people are an IT system’s weak link
As big businesses spend millions of dollars to plug holes in their technology and block cyber criminals from databases of private consumer information, hackers are increasingly targeting a different weakness: employees. They are sending official-looking e-mails to large health systems, banks, retailers, and vendors to try to trick employees into giving up passwords or other credentials. Armed with employee passwords, criminals can access mines of sensitive information and use it to steal identities and commit fraud. That is how data from about 3,300 patients was breached last year at Partners HealthCare. Several employees responded to so-called phishing e-mails and mistakenly allowed access to patient names, addresses, health insurance information, and Social Security numbers. It turns out that tricking an employee to give up a password is easier than hacking, cyber-security specialists said.

May 13, 2015
Women In Security Speak Out On Why There Are Still So Few Of Them
They're now CISOs, security officials in DHS and the NSA, researchers, and key players in security -- but women remain a mere 10% of the industry population. It's a perplexing -- and sometimes annoying -- question nearly every female information security professional hears over and over again: why are there still so few women in their field? Just 10% of information security pros worldwide are women today, according to the latest data from (ISC)2, despite the fact that women are getting more high-profile roles in the industry and that there are job opportunities aplenty. It's a reality that confounds and frustrates many women in the industry, who today represent a mix of researchers, chief information security officers, executives, and top government cyber security leaders.

May 12, 2015
Quantum computing is about to overturn cybersecurity’s balance of power
“Spooky action at a distance” is how Albert Einstein described one of the key principles of quantum mechanics: entanglement. Entanglement occurs when two particles become related such that they can coordinate their properties instantly even across a galaxy. Think of wormholes in space or Star Trek transporters that beam atoms to distant locations. Quantum mechanics posits other spooky things too: particles with a mysterious property called superposition, which allows them to have a value of one and zero at the same time; and particles’ ability to tunnel through barriers as if they were walking through a wall.

May 11, 2015
Whistleblower accuses cybersecurity company of extorting clients
A cybersecurity company faked hacks and extorted clients to buy its services, according to an ex-employee.

May 8, 2015 ACSC
What’s new in the U.S. cyber strategy
The Department of Defense has just issued a new cyber strategy, which perhaps provides the best public presentation of how the United States thinks about cybersecurity. As always with these documents, what is left out is as important as what is put in. So how has U.S. strategic thinking about cybersecurity changed in the post-Snowden era?

May 7, 2015 ACSC
Valuable Federal Cybersecurity Training for Critical Infrastructure Organizations
Last week I wrote two blogs about cybersecurity, critical infrastructure organizations, and the US government. In the first blog, I mentioned some ESG research stating that 76% of cybersecurity professionals working at critical infrastructure organizations were somewhat or very unclear about the US government’s cybersecurity strategy (note: I am an ESG employee). In spite of this confusion, 83% of these same cybersecurity pros want to see the feds become more active with cybersecurity programs and defenses.

May 6, 2015
Cybercriminals borrow from APT playbook in attack against PoS vendors
Cybercriminals are increasingly copying cyberespionage groups in using targeted attacks against their victims instead of large-scale, indiscriminate infection campaigns. This change in tactics has been observed among those who launch attacks, as well as those who create and sell attack tools on the underground market. A recent example of such behavior was seen in a cybercriminal attack against vendors of point-of-sale systems that researchers from RSA documented last week.

May 5, 2015
16 World Renowned IT Security Experts Provide Their Website Security Tips and What You Should NEVER Do
Everyone – including the experts – makes mistakes when it comes to information security. Whether it’s failing to properly secure your website for customers, or not implementing effective password managers, minor cybersecurity gaps can rapidly evolve into a much more serious security incident. As security experts from around the globe gather for the annual RSA Conference in San Francisco, Distil Networks has compiled a list of tips and things you should NEVER do.

May 4, 2015
Once a field of self-taught hackers, cybersecurity education shifts to universities
Over the past year, colleges and universities across the country have received millions in funding from the government and foundations to launch cybersecurity initiatives. The result is a stark change for an industry made up of programmers who have often learned by trial and error.

May 1, 2015
Partners HealthCare Notifies 3,300 Patients of Email Breach
Boston-based nonprofit health care system Partners HealthCare is notifying about 3,300 patients about a security breach.

April 22, 2015
Raytheon VP: New cybersecurity joint venture will be 'formidable' against breaches
Obama signed an executive order today authorizing a program of sanctions to battle digital assaults coming from overseas. While the order seems aimed at the Chinese, it might also be the president's most successful tool for thwarting cyberattacks.

April 1, 2015
Opinion: Sanctions may be Obama's best idea yet to battle cyberattacks
Obama signed an executive order today authorizing a program of sanctions to battle digital assaults coming from overseas. While the order seems aimed at the Chinese, it might also be the president's most successful tool for thwarting cyberattacks.

March 26, 2015 ACSC
Guest Opinion: UMass is a line of defense from cyber-attacks
One way we can move forward in Massachusetts is in partnership with the Advanced Cyber Security Center, a four-year-old industry, higher education and government consortium that seeks to ensure that Massachusetts has the research and educational strengths it needs to be a global cybersecurity leader.

March 26, 2015
Citigroup Report Chides Law Firms for Silence on Hackings
Every month it seems another American company reports being a victim of a hacking that results in the theft of internal or customer information. But the legal profession almost never publicly discloses a breach.

March 25, 2015 ACSC
The race to build the Silicon Valley of cybersecurity
“We certainly think we have the resources and capabilities to be one of those centers of gravity [in cybersecurity],” Benway says. “We think we are one of the centers of gravity. We do have the right mix of assets and resources to be a national leader in cybersecurity.”

March 12, 2015 ACSC
Sell By Date: Research Finds Stolen Data is a Perishable Commodity
Nagourney’s research was funded by a grant from the National Science Foundation (NSF) and the Advanced Cyber Security Center (ACSC). Her findings were first presented in September 2014 at a Workshop on Cybersecurity Risk Analysis for Enterprises, held at the Sloan School at MIT.

March 12, 2015 ACSC
Charlie Baker cites increase in cyber attacks in Mass.
Yet the number of professionals in the field in Massachusetts is not enough to meet the demand, said Charlie Benway, executive director of the Advanced Cyber Security Center, a Bedford nonprofit consortium Mass Insight established in 2011.

March 12, 2015 ACSC
Security expert: Sharing is caring in fending off cyber attacks
Mick Costa, who works in cyber security for the Federal Reserve Bank of Boston, also works with a nonprofit consortium called the Advanced Cyber Security Center of Massachusetts, an outfit that educates businesses and organizations about cyber attacks. Costa spoke to North Shore business leaders Thursday at the North Shore Chamber of Commerce’s business expo, which featured 100 exhibitors at the DoubleTree by Hilton Boston North Shore.

March 11, 2015
Baker outlines email habits, touts cybersecurity as job base
The use of a personal email account by a high-ranking government official has also prompted questions about security. Baker may not be operating his own email server out of his Swampscott home, but on Wednesday in a speech to Mass Insight’s Global Massachusetts 2024 conference the governor highlighted cyber security as a “major challenge” in the digital age.

March 9, 2015
Akamai CSO takes a creative approach to finding security pros
Andy Ellis, chief security officer at Akamai, doesn't try to hire perfect candidates. Here’s why.

March 9, 2015 ACSC
Shortage of security pros worsens
“The size and scope of the problem has grown dramatically as the threat has increased and as we've seen more high-profile breaches,” says Charlie Benway, executive director of the Advanced Cyber Security Center (ACSC).

March 1, 2015
How Superfish’s Security-Compromising Adware Came to Inhabit Lenovo’s PCs
Until its advertising software was discovered deep inside Lenovo personal computers two weeks ago, a little company called Superfish had maintained a surprisingly low profile for an outfit once named America’s fastest-growing software start-up.

February 27, 2015
The Growing Cyber Threat
The “frequency, scale, sophistication, and severity” of cyber attacks against the United States are increasing from “profit-motivated criminals, ideologically motivated hackers or extremists, and variously capable nation states like Russia, China, North Korea, and Iran,” said James Clapper, director of national intelligence, during testimony before the Senate Armed Services Committee on Thursday.

February 24, 2015
Veracode CEO Bob Brennan on cyber threats (Video)
Bob Brennan, CEO of Burlington-based cybersecurity firm Veracode, talks about the state of cyber threats to companies worldwide and locally, and what his company can do to help. Video by Chen Shen, special to the Boston Business Journal.

February 20, 2015
Windows SSL Interception Gone Wild
This week researchers found that newer Lenovo laptops shipped with pre-installed software made by Superfish. The discovery is the latest reminder that our collective security depends on one another more than ever. As the news quickly rippled out, our Threat Infrastructure team at Facebook began performing an analysis of the details. Given our strong belief in the value of openness in security and learning from one another, we summarized some of our findings below to help guide future research on the subject.

February 17, 2015 ACSC
Security, Privacy and the Law Update on President Obama’s “Summit on Cybersecurity and Consumer Protection,” Part II: The Executive Order
As a follow up to our summary of the key takeaways from the White House’s first Summit on Cybersecurity and Consumer Protection, the centerpiece of which was President Obama’s signing of a new Executive Order, “Promoting Private Sector Cybersecurity Information Sharing,” what follows is an analysis of that Order.

February 12, 2015
Obama to encourage companies to share cyber threat data
Businesses are unlikely to share a lot of timely and "actionable" cyber intelligence without liability relief, said Mike Brown, a vice president with the RSA security division of EMC Corp.

February 11, 2015 ACSC
Security expert Michael Chertoff discusses cybersecurity challenges, solutions
Michael Chertoff, who served as secretary of the U.S. Department of Homeland Security from 2005-2009, will deliver the first University of Delaware Cybersecurity Initiative Distinguished Lecture on Feb. 10.

January 30, 2015 ACSC
Press Release: Cyber Security and Financial Stability
Founding member of the ACSC and President & CEO of the Federal Reserve Bank of Boston Eric S. Rosengren discusses Cyber Security and Financial Stability in Cape Town, South Africa on January 30, 2015

January 26, 2015 ACSC
Massachusetts’ profile as an innovator could reach new levels
Cybersecurity is another natural opportunity for a research center of excellence. Already a nonprofit consortium, the Advanced Cyber Security Center, has been launched, situated in Bedford, bringing together experts from industry, universities, and government to address cybersecurity threats. In robotics, Massachusetts has a fast-growing cluster, including some of the leading companies in the world.

January 21, 2015 ACSC
Obama’s Former Privacy Director Decries America’s Data Security
While legislation can offer liability protection, the need for such protection as an incentive for sharing has been exaggerated. Companies can and do already share confidential threat information under the protection of nondisclosure agreements. The Advanced Cyber Security Center, based in Boston, is one such sharing arrangement. It includes companies like Pfizer, State Street, and RSA/EMC Corporation along with with the Federal Reserve Bank of Boston and the Commonwealth of Massachusetts.

January 12, 2015
Cybersecurity startup scene in Boston is 'frothy,' RSA exec says
The cybersecurity startup scene in the Boston area could be summed up in one word: "frothy."

January 11, 2015
Obama to Call for Laws Covering Data Hacking and Student Privacy
President Obama on Monday called for federal legislation intended to force American companies to be more forthcoming when credit card data and other consumer information are lost in an online breach like the kind that hit Sony, Target and Home Depot last year.

January 8, 2015 ACSC
ACSC In The News
2014 was a pivotal year for media coverage of cybersecurity. Pervasive data breaches at major retailers and other institutions garnered consistent headlines across both trade media as well as mainstream press. For its efforts to facing pervasive cyber challenges, ACSC also received positive coverage in 2014 culminating in a Boston Business Journal op-ed piece on cyber resiliency and a feature story in Network World that highlights the ACSC and its direction in 2015.

January 5, 2015 ACSC
What Should the 114th Congress Do About Cybersecurity in 2015?
Rather than throw cybersecurity education funding at Congressional districts, we need to invest strategically in centers of excellence like the Massachusetts-based Advanced Cybersecurity Center which brings together private sector, public sector, and leading academic institutions.

December 22, 2014
‘Interview’ attack may signal new cyberwar
In a tweet, former US House speaker Newt Gingrich said, “With the Sony collapse America has lost its first cyberwar.”

December 19, 2014 ACSC
ViewPoint: The latest cybersecurity threat
This notion, that "threat actors' are already in, is a paradigm shift in the way sophisticated enterprises approach cybersecurity. To echo this point, this month, the Advanced Cyber Security Center (ACSC) welcomed Michael Chertoff, former secretary of The U.S. Department of Homeland Security and the Executive Chairman of The Chertoff Group to keynote our annual meeting.

December 16, 2014 ACSC
New England security group shares threat intelligence, strives to bolster region as cybersecurity mecca
The Advanced Cyber Security Center is a three year old organization with a bold mission to “bring together industry, university, and government organizations to address the most advanced cyber threats” and drive cybersecurity R&D in the New England region.

December 10, 2014 ACSC
Hanscom Air Force Base Partners With The Military Task Force To Create The Hanscom Collaboration and Innovation Center
New center located at Hanscom Air Force Base to enhance partnerships around cyber security, public safety, and information technology

December 2, 2014
Obama’s pick to lead the Pentagon is big on cybersecurity
President Obama's pick to lead the Pentagon, former deputy secretary of defense Ashton "Ash" Carter, has been a big supporter of increasing the country's cybersecurity capabilities.

November 24, 2014 ACSC
Press Release: ACSC Announces Winners of Cybersecurity Student Competition
National Cybersecurity Experts Vote to Select Cybersecurity’s “Next Big Thing”

November 12, 2014
Americans Say They Want Privacy, but Act as if They Don’t
Americans say they are deeply concerned about privacy on the web and their cellphones. They say they do not trust Internet companies or the government to protect it. Yet they keep using the services and handing over their personal information.

November 10, 2014
Federal government struggles against cyberattacks
A $10-billion-a-year effort to protect sensitive government data, from military secrets to Social Security numbers, is struggling to keep pace with an increasing number of cyberattacks and is unwittingly being undermined by federal employees and contractors.

November 7, 2014
Expert: Home Depot email hack may lead to ID thefts
Two months after it revealed that 56 million of its customers’ debit and credit cards had been compromised, Home Depot yesterday disclosed that hackers also stole 53 million email addresses — information that, coupled with customers’ financial data, could be used to hack their family and friends, as well as banks, businesses and government agencies, one expert said

November 6, 2014 ACSC
Schools, industry plan security consortium for cybersecurity
Mass Insight and the 3-year-old nonprofit Advanced Cyber Security Center plan a formal launch of the consortium next year. They so far have letters of support from the Univer­sity of Massachusetts, Northeastern University, MIT Computer Science and Artificial Intelligence Laboratory, State Street Corp., the Federal Reserve Bank of Boston, .406 Ventures and the city of Boston.

November 5, 2014 ACSC
Chertoff: Cybersecurity takes teamwork
Cyber security, to be successful, has to be a “team sport,” former Homeland Security secretary Michael Chertoff told attendees of the Advanced Cyber Security Center (ACSC) Conference at the Federal Reserve Bank of Boston Tuesday morning.

November 5, 2014 ACSC
Former Homeland Security chief warns of cyber threat
The conference was sponsored by Advanced Cyber Security Center, a Boston-based group of business representatives, government officials, and academics who share information and research about online threats.

October 31, 2014 ACSC
Press Release: Left of Boom: How and Where to Invest Across the Kill Chain
Press Release: ACSC welcomes Michael Chertoff, former secretary of the U.S. Department of Homeland Security and Executive Chairman of The Chertoff Group for keynote at the ACSC Annual Conference on November 5, 2014 at the Federal Reserve Bank of Boston.

October 17, 2014
Ponemon research: Cost of a breach rising, U.S. hit hardest
News roundup: New research shows a dramatic increase in the cost of cybercrime and data breach remediation. Plus: Security as a service popularity surges, Snowden journalist touts the importance of free security software, and more.

October 2, 2014
Cyberattack Against JPMorgan Chase Affects 76 Million Households
A cyberattack this summer on JPMorgan Chase compromised the accounts of 76 million households and seven million small businesses, a tally that dwarfs previous estimates by the bank and puts the intrusion among the largest ever

September 24, 2014
Remote exploit vulnerability in bash CVE-2014-6271
A remotely exploitable vulnerability has been discovered by Stephane Chazelas in bash on Linux and it is unpleasant. The vulnerability has the CVE identifier CVE-2014-6271 and has been given the name Shellshock by some. This affects Debian as well as other Linux distributions. You will need to patch ASAP.

September 23, 2014 ACSC
Faculty Coordinate MIT Workshop on Cybersecurity Risk Analysis for Enterprises
Anna Nagurney and Senay Solak from the operations and information management department, Mila Getmansky Sherman of the finance department, and Wayne Burleson from electrical and computer engineering, supported the conference with proceeds from a $40,000 grant from the Advanced Cyber Security Center, a nonprofit consortium based in Bedford.

September 20, 2014 ACSC
Cybersecurity Risk Analysis for Enterprise Risk Security
The event was sponsored through a grant that we received from the Advanced Cyber Security Center (ACSC): Professors Wayne Burleson of the College of Engineering, Mila Sherman of the Finance Department, and Senay Solak, and I of the Department of Operations and Information Management at UMass Amherst.

September 19, 2014
Home Depot: Breach cost $62M, exposed 56M cards
The Home Depot Inc.’s Sept. 2 data breach will cost the company $62 million and is estimated to have put information at risk for 56 million payment debt/credit cards.

September 19, 2014
Cyber Alliances: Collective Defense Becomes Central To Securing Networks, Data
When the North Atlantic Treaty Organization — NATO — wrapped up its summit in Wales earlier this month, the member-states issued a lengthy communique expressing solidarity on major defense challenges. One of the challenges mentioned was cybersecurity. The alliance stated that “cyber defence is part of NATO’s core task of collective defence,” presenting concerns so severe that they might lead to invocation of Article Five of the North Atlantic Treaty — the article calling on all members to come to the defense of a threatened nation.

September 18, 2014
Gartner: 75 percent of mobile apps will fail security tests through end of 2015
The bulk of mobile applications (75 percent) will fail basic security tests over the next 15 months or so – through the end of 2015 – leaving businesses vulnerable to attack and violations of their security policies, according to a report from Gartner.

September 11, 2014
Local cybersecurity startups grow into IPO contenders
Burlington-based Veracode on Thursday announced $40 million in new funding to fuel further growth, one of the largest rounds of venture capital funding secured by a Boston-area tech company in 2014.

September 7, 2014
Job market red hot for those with the right skills
The information technology sector has boomed for a number of years now, creating a shortage of workers with degrees and experience in the computer sciences. From startups to established tech firms, companies can’t find enough qualified IT workers for their needs, said Brendan King, chief executive of King & Bishop Inc., a Waltham recruiting company.

September 4, 2014
Data thefts hit 1.2 million Mass. residents in 2013
Nearly one in five Massachusetts residents had their personal or financial information stolen in data breaches last year, a figure driven by a massive data theft at Target Corp. stores, according to a state report set for release Thursday, as cybercrime becomes more frequent, sophisticated, and malicious.

August 29, 2014
Make cybersecurity a priority for your business
All organizations, regardless of industry or size, are subject to cybersecurity risks.

August 29, 2014
Report: Greater Boston trails only Silicon Valley in tech employment
The Greater Boston area ranks second in the nation in tech employment and fourth in tech-related venture capital funding among major U.S. markets, according to a report released Friday from commercial real estate firm Jones Lang Lasalle.

August 29, 2014
Companies lag in revealing data breaches, consumer groups say
Rumors of a data breach at a major New York bank started circulating more than a week ago in cybersecurity circles. So for insiders, news that JPMorgan Chase had been victimized was more confirmation than revelation, the latest headline from a digital crime wave that shows no sign of ebbing.

August 27, 2014
JPMorgan and Other Banks Struck by Hackers
A number of United States banks, including JPMorgan Chase and at least four others, were struck by hackers in a series of coordinated attacks this month, according to four people briefed on a continuing investigation into the crimes.

August 25, 2014
Casualties of Cyber Warfare
American and Chinese companies are getting caught in the crossfire of the brewing cyber war.

August 24, 2014
Market watchdog warns on danger of cyber attack
A global watchdog has sounded the alarm about the growing danger of cyber attacks, on financial markets, warning that companies and regulators around the world need to address the “uneven” response to the threat of online assaults.

August 22, 2014
U.S. Finds ‘Backoff’ Hacker Tool Is Widespread
More than 1,000 American businesses have been affected by the cyberattack that hit the in-store cash register systems at Target, Supervalu and most recently UPS Stores, the Department of Homeland Security said in an advisory released on Friday.

August 20, 2014 ACSC
New England’s Advanced Cyber Security Center and the Western Cyber Exchange Demonstrate Major Cybersecurity Advancement
In an unprecedented victory for cyber security, the Advanced Cyber Security Center (ACSC) in Boston, Mass., and the Western Cyber Exchange (WCX) Network Laboratory in Colorado Springs, Colo., successfully and securely exchanged cyber threat messages using leading cyber analytic tools.

August 5, 2014
Russian Gang Amasses Over a Billion Internet Passwords
A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

August 3, 2014
Meet Fortune's 2014 Big Data All-Stars
Big data is about more than big numbers. Meet Fortune’s first class of Big Data All-Stars: 20 extraordinary people who we think are the best at connecting the dots, digging deep, and discovering the information that will transform the way businesses operate.

July 22, 2014
NSA targets college students to fill cyber professionals shortage
In response to a shortage of cyber professionals in the U.S., the National Security Administration is reaching out to a younger crowd: college students. Beginning in 2012, the NSA started its National Centers of Academic Excellence in Cyber Operations Program at select universities across the nation to attract students to the field.

July 20, 2014
A Tough Corporate Job Asks One Question: Can You Hack It?
Chief information security officers have one of the toughest jobs in the business world: They must stay one step ahead of criminal masterminds in Moscow and military hackers in Shanghai, check off a growing list of compliance boxes and keep close tabs on leaky vendors and reckless employees who upload sensitive data to Dropbox accounts and unlocked iPhones.

July 12, 2014
Defending the digital frontier
Companies, markets and countries are increasingly under attack from cyber-criminals, hacktivists and spies. They need to get much better at protecting themselves, says Martin Giles.

July 11, 2014
The 5 biggest data breaches of 2014 (so far)
According to the Identity Theft Resource Center, there have already been 395 data breaches in the U.S. this year that have been reported to regulators or covered by media outlets, a 21 percent increase over the same period last year.

July 9, 2014
Controversial Cybersecurity Bill Known As CISA Advances Out Of Senate Committee
The Senate Select Committee on Intelligence voted Tuesday to approve a controversial cybersecurity bill known as the Cyber Information Sharing Act (CISA).

June 30, 2014
Energy companies hit by cyber attack from Russia-linked group
The industrial control systems of hundreds of European and US energy companies have been infected by a sophisticated cyber weapon operated by a state-backed group with apparent ties to Russia, according to a leading US online security group.

June 18, 2014 ACSC
Confer and The MITRE Corporation Join Forces to Accelerate Threat Sharing and Operationalize Threat Intelligence
CRITs has already established itself as a key tool in active defense. The Advanced Cyber Security Center (ACSC)—a non-profit consortium, comprised of 27 New England area industry, university, and government organizations, established to address the most advanced cyber threats—leverages CRITs to share threat intelligence among its members.

June 11, 2014
P.F. Chang's May Have Leaked Info on Thousands of Credit Cards
The restuarant chain may be the latest victim of point-of-sale card heisters.

June 10, 2014
Cybercrime costs world economy about $445b, group projects
The likely annual cost of cybercrime and economic espionage to the world economy is more than $445 billion — or almost 1 percent of global income, according to estimates from a Washington think tank.

June 8, 2014
Cyberattack Insurance a Challenge for Business
Julia Roberts’s smile is insured. So are Heidi Klum’s legs, Daniel Craig’s body and Jennifer Lopez’s derrière. But the fastest-growing niche in the industry today is cyberinsurance.

May 30, 2014
Akamai CEO Tom Leighton on the four 'grand challenges' facing the Internet
The past five decades have seen extraordinary advances in computer science and artificial intelligence, but one of the most important was the advent of the Internet.

May 30, 2014 ACSC
Leading cyber minds converge at Hanscom
Organized by the Advanced Cyber Security Center (ACSC) and hosted by leaders at Hanscom, the event fostered vigorous discussion about the most efficient and secure ways to store and protect critical data and systems.

May 29, 2014 ACSC
GOVERNOR PATRICK PARTICIPATES IN CYBER SECURITY PANEL TO DISCUSS SECURITY INITIATIVES IN MASSACHUSETTS
The Commonwealth of Massachusetts through the Executive Office of Public Safety and Security, Massachusetts Army National Guard, the Information Technology Division and the University of Massachusetts are members of the Advanced Cyber Security Center. The center is a nonprofit consortium that brings together industry, university and government partners to address the most advanced cyber threats.

May 19, 2014
in China Army Face U.S. Charges of Cyberattacks
In the Obama administration’s most direct confrontation with China over its theft of corporate secrets, the Justice Department on Monday unsealed an indictment of five members of the Chinese People’s Liberation Army and charged them with hacking into the networks of Westinghouse Electric, the United States Steel Corporation and other companies.

May 5, 2014
How the Target CEO resignation will affect other execs' security views
Target Corp. announced today that CEO Gregg Steinhafel has stepped down from his position, effective immediately, less than five months after it was discovered the retail giant had been struck by a massive data breach.

May 2, 2014
Boston Business Journal names 2014 CIO Awards winners
Congratulations to ACSC member Chris Perretta of StateStreet for winning BBJ’s 2014 top CIO award!

May 1, 2014
Call for Limits on Web Data of Customers
The White House, hoping to move the national debate over privacy beyond the National Security Agency’s surveillance activities to the practices of companies like Google and Facebook, released a long-anticipated report on Thursday that recommends developing government limits on how private companies make use of the torrent of information they gather from their customers online.

April 27, 2014
State seeks cyber aces
Techies who win code contest to get boost at career job fair

April 25, 2014 ACSC
Kilmer, Tsongas bill will increase military cyber security
Congressman Derek Kilmer (WA-6) and Congresswoman Niki Tsongas (MA-3) announced today they will introduce legislation to make the Department of Defense information technology systems stronger, more efficient and more secure.

April 23, 2014
Around Internet, password fatigue setting in
Protection becomes a not-so-secret frustration

April 10, 2014 ACSC
Getting Serious about Information Sharing for Cybersecurity
Non-profit information sharing organizations such as Boston’s Advanced Cybersecurity Center, the Bay Area Security Council, and ChicagoFirst have shown value in building smaller trust networks across sectors in metropolitan areas. And many for-profit information sharing organizations are also stepping into the game.

April 9, 2014
‘Heartbleed’ Internet security bug is as bad as it sounds
The word “Heartbleed” meant nothing at the start of the week. Today it is one of the hottest topics on the Internet — a simple security bug in an obscure piece of software that could compromise the personal information of millions.

April 4, 2014
The FBI and the growing threat of cyberattacks on Boston's startups
Federal officials and IT-security industry executives are worried that more attacks like the Bit9 hack could be coming soon. They say cyber attacks are posing an increasing threat to small and midsized firms.

March 26, 2014
Law Firms Are Pressed on Security for Data
A growing number of big corporate clients are demanding that their law firms take more steps to guard against online intrusions that could compromise sensitive information as global concerns about hacker threats mount.

March 25, 2014
Allied Minds, MITRE partnership means more funding for cyber security
Allied Minds, Inc., a Boston technology capital investment firm that funds early-stage technologies from U.S. national labs, has partnered with The MITRE Corp., a not-for-profit organization that operates six federally funded research labs, with the aim of commercializing technologies, starting those in the cyber and mobile security field.

March 18, 2014 ACSC
GOVERNOR PATRICK SIGNS $177 MILLION MILITARY BOND BILL
Funding for Hanscom Air Force Base and Barnes Air National Guard Base will support economic growth for municipalities, aid national security efforts

March 2, 2014
Report Calls for Better Backstops to Protect Power Grid From Cyberattacks
Despite rising anxiety over the possibility of a cyberattack on the power grid, the industry and government are not set up well to counter the threat, according to a report produced by leading energy security experts.

February 25, 2014
Next-Generation Cybersecurity Ratchets Up
Silicon Valley is jumping into the effort to find more sophisticated ways of stopping attacks like the one on Target

February 25, 2014
White House, MIT in data privacy workshop
The administration selected the Massachusetts Institute of Technology to help it understand the privacy implications of big data, in which computers — deep inside the NSA or in the offices of Amazon.com Inc. — analyze massive collections of personal information to either uncover potential terror threats or figure out shopping habits.

February 6, 2014
Akamai shares spike 20% on rosy forecast
In a week that started out badly for Akamai Technologies, the firm's shares surged on Thursday after it gave higher-than-expected guidance for first-quarter revenue and profit.

January 31, 2014
'ChewBacca' hackers targeted retailers in 11 countries: RSA
A cyber criminal ring targeting small retailers in 11 countries stole data on 49,000 payment cards using a malicious software known as "ChewBacca" before the operation was shut down, according to a cyber research firm.

January 29, 2014
Massachusetts data breaches, large and small, hit record level in 2013
The number of reported data breaches hit a record level in Massachusetts last year.

January 28, 2014
Akamai Releases Third Quarter, 2013 'State of the Internet' Report
Akamai Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud services for delivering, optimizing and securing online content and business applications, today released its Third Quarter, 2013 State of the Internet Report.

January 27, 2014
Techstars enrolls a new class of startups
Mass. ranks 3d with promising companies

January 15, 2014
Startups flock to Biogen Idec hoping to do business
A report released last summer by the Massachusetts Biotechnology Council listed the state as the leading biotechnology cluster in the world, with more than 56,000 jobs — over half in research — and 1,174 drugs under development.

January 6, 2014 ACSC
Network Economics of Cyber Crime with Applications to Financial Service Organizations
In this presentation, Nagurney describes the multidisciplinary research conducted as part of an Advanced Cyber Security Center grant on Cyber Security Risk Analysis and Investment Optimization.

January 3, 2014
Customers paying the price after Target breach
CNBC's Kayla Tauche discusses how big banks can respond to security breaches more quickly than smaller institutions and how that helps their customers.

January 2, 2014
FireEye Computer Security Firm Acquires Mandiant
In a deal that may have broad repercussions for companies and governments fending off sophisticated hackers and state-sponsored digital attacks, FireEye, a provider of security software, has acquired Mandiant, a company known for emergency responses to computer network breaches.

November 14, 2013 ACSC
Experts propose better cybersecurity information-sharing models
Better cybersecurity information sharing has long been a priority for the security industry, but significant hurdles have always halted the progress of sharing initiatives. At the annual ACSC conference, security leaders from government, education and private industry made another attempt at cracking the info-sharing chestnut.

November 13, 2013 ACSC
Cybersecurity threat sharing faces challenges, warns MITRE's security officer
Firms trying to share information about the wrong things--vulnerabilities and compromises

November 13, 2013 ACSC
Defenders Still Chasing Adequate Threat Intelligence Sharing
Caulfield was speaking about the Advanced Cyber Security Center (ACSC) which hosted its annual conference at the Fed here Tuesday. The ACSC is a cross-sector group of more than 30 public and private sector security officers who meet monthly to facilitate information sharing.

October 3, 2013
With Cyber Aces, Massachusetts hopes to turn hackers into crime fighters
A bad guy turned good is a valuable asset, and Governor Deval Patrick is looking for people like Red to help nab cyber criminals — except he’s hoping they’ll skip the years of real lawbreaking and just practice hacking legally through the Governor’s Cyber Aces Championship.

September 30, 2013
Worry About Cyberattacks Increases, Survey Says
94 percent of small-business owners were worried about cybersecurity and nearly half reported their businesses were victims of cyberattacks

September 27, 2013 ACSC
Cyberattacks on the rise in higher education
Foreign governments and organized crime targeting institutions’ most sensitive information.

September 25, 2013
Cyber attacks to escalate over next decade
Medical implants, cars and critical infrastructure such as gas pipelines could be at risk from cyber attacks by the end of the decade.

September 12, 2013 ACSC
Hack victims urged to share the gory details
Advanced Cyber Security Center fosters voluntary information sharing among private organizations as a way of staying ahead of the bad guys

September 5, 2013
N.S.A. Able to Foil Basic Safeguards of Privacy on Web
The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.

September 2, 2013
Syrian Electronic Army Hacks Marines Website
A collection of pro-Syrian government hackers apparently defaced a Marine Corps recruitment website Monday.

August 22, 2013 ACSC
Advanced Cyber Security Center Names New Executive Director
The Board of Directors of the Advanced Cyber Security Center (ACSC), a non-profit consortium bringing together industry, university, and government partners to address the most advanced cyber threats, has concluded a comprehensive, six-month search by selecting Charlie Benway as the ACSC’s new executive director effective immediately.

August 21, 2013 ACSC
Courion Joins Advanced Cyber Security Center to Help Companies Prevent Sophisticated Cyber Security Attacks
Collaborates with experts from healthcare, energy, defense and financial services to develop next-generation defenses by augmenting security solutions with intelligent IAM

August 14, 2013 ACSC
Cyber attack danger grows
EARLY WARNING: James Caufield of the Advanced Cyber Security Center in Boston speaks at the National Association of State Auditors, Comptrollers and Treasurers’ annual conference at the World Trade Center yesterday.

August 2, 2013
Chinese Hacking Team Caught Taking Over Decoy Water Plant
A hacking group accused of being operated by the Chinese army now seems to be going after industrial control systems.

July 31, 2013
DDoS attacks getting bigger but shorter in duration
Hacktivist group Izz ad-Dim al-Qassam Cyber Fighters's strategy said to be driving up raw number of attacks and depressing their duration

July 25, 2013
Russian hackers charged in 'biggest' data breach case, 160mn credit card numbers stolen
A US court has charged four Russians and a Ukrainian for stealing more than 160 million credit card numbers, which the prosecution says has resulted in hundreds of millions of dollars in losses for major corporations worldwide.

July 22, 2013
Study Lowers Loss Estimates from Cyberespionage
The cost of cyberespionage and cybercrime to the U.S. may reach $100 billion a year, according to a study to be released Monday, casting doubt on earlier estimates that the costs were as much as 10 times higher.

July 16, 2013
Universities Face a Rising Barrage of Cyberattacks
America’s research universities, among the most open and robust centers of information exchange in the world, are increasingly coming under cyberattack, most of it thought to be from China, with millions of hacking attempts weekly.

June 20, 2013 ACSC
ACSC Member Survey: Actionable Intelligence Increases
The ACSC Q2 Threat Sharing Survey demonstrates the positive impact of participation in the ACSC.

June 13, 2013
Potential Cyberattacks on Implanted Medical Devices Draw Attention
Worries over medical-device cybersecurity have largely focused on plugged-in equipment primarily used in hospitals, such as computed tomography scanners and heart monitors that are vulnerable to viruses traveling across medical networks.

June 7, 2013
Is Big Data turning government into 'Big Brother'?
With every phone call they make and every Web excursion they take, people are leaving a digital trail of revealing data that can be tracked by profit-seeking companies and terrorist-hunting government officials.

May 29, 2013 ACSC
How Obama should work with business to combat China cyberspying
The US Department of Homeland Security needs to use its authority to incentivize and enable the creation of trusted federations of companies, like the Advanced Cyber Security Center in Massachusetts, that share cyberthreat information and best practices for cyberprotection.

May 10, 2013
Cybersecurity: Government Regulations Can’t Keep Up
For the first time since 2005, the U.S. National Institute of Standards and Technology (NIST) has revised the federal cybersecurity standards.

May 7, 2013
Banks Say Fed Should Lead in CyberSecurity for Industry
U.S. banks urged the Federal Reserve to take the lead in defending the financial services industry from cyber attacks by working with federal counterterrorism, intelligence and law enforcement agencies, documents show.

April 27, 2013
White House eases stance on corporate cybersecurity
The White House has backed away from its push for mandatory cyber­security standards in favor of an approach that would combine voluntary measures with incentives for companies to comply with them.

April 18, 2013
Congress still at cyber odds after CISPA passage
Chinese cyberspies are stealing businesses’ trade secrets. Iranian hackers are targeting U.S. banks. And the federal government is grappling with cyber espionage almost daily — even as it’s spending more than ever to stop it.

April 11, 2013
Obama Boosts Pentagon Cyber Budget Amid Rising Attacks
The Obama administration plans to boost U.S. spending on computer network security, including a 21 percent increase at the Pentagon, after reports of rising cyber attacks and electronic theft of secrets linked to China.

March 12, 2013
The Companies and Countries Losing Their Data
With China hacking the US, the US hacking China, and LinkedIn and Facebook and credit card companies and Google and who knows who else all vomiting our data all over the web, I was intrigued when a new report on data loss ran across my desk from auditing firm KPMG.

March 8, 2013
How Many Cyberattacks Hit the United States Last Year?
Thanks to the warnings of senior lawmakers and Obama admiistration officials, Americans are growing more aware of online vulnerabilities that could lead to a “cyber Pearl Harbor” attack.

March 6, 2013 ACSC
Hot security skills of 2013
David Luzzi, executive director of Northeastern University's Strategic Security Initiative, adds logical reasoning and the ability to inspect ideas as important skills to build on the foundation of excellent verbal and written communication skills.

February 25, 2013
You Call This an Army? The Terrifying Shortage of U.S. Cyberwarriors.
When the Soviet Union launched the first satellite in 1957, it set off an intellectual arms race that led to more than $1 billion of federal investment in science education. Within a decade, Americans were sending their own expeditions to outer space.

February 20, 2013
The Art of Cyberwar
If Beijing was going to threaten the United States with a cyberattack, how would it do it?

February 20, 2013
Chinese cyberspies have hacked most Washington institutions, experts say
Start asking security experts which powerful Washington institutions have been penetrated by Chinese cyberspies, and this is the usual answer: almost all of them.

February 15, 2013 ACSC
Internship Information Sessions
Help us Develop Tomorrow's Cyber Security Experts

February 6, 2013
NIST Updating Security Controls
Final Draft Issued of Revisions to Special Publication 800-53

January 30, 2013
Hackers in China Attacked The Times for Last 4 Months
Chinese hackers infiltrated The New York Times’s computer systems, getting passwords for its reporters and others.

January 24, 2013 ACSC
WCX bringing cyber security experts to Springs Jan. 30
At the quarterly update and dinner, WCX will provide a progress report on its efforts to collaborate with the Advanced Cyber Security Center in Boston. The two organizations have teamed up to increase local and national resilience to threats from cyber attacks.

January 9, 2013
Security Skills Shortage Places IT at Risk
Experts Assess Impact of Open Positions

January 3, 2013 ACSC
White House staff calls ACSC the "most impressive" model
Pat Falcone, Associate Director, National Security & International Affairs Division at the White House OSTP singled out the ACSC as the "most impressive" and one of the best models she has seen for bringing together regional entities around the topic of cyber security.

January 2, 2013 ACSC
ACSC Research and Development year-end announcement
The ACSC is pleased to announce the submission of the proposal entitled, Cybersecurity Risk Analysis based on Financial Engineering and Big-Data Analytics (CRAFA), led by the University of Massachusetts Amherst, represented by PIs Wayne Burleson, Anna Nagurney, Mila Getmansky, Senay Solak, Yanlei Diao, and the Massachusetts Institute of Technology, represented by PI Andrew Lo.

December 1, 2012
Inside 'Plan X:' The Pentagon’s plan for cyberweapon central
New publication from the Pentagon's research arm details a foundation for cyberwarfare.

November 28, 2012 ACSC
UMass student wins security competition
The Advanced Cyber Security Center — a New England consortium of university, industry, and government leaders focused on meeting cyber security challenges — this month named University of Massachusetts Amherst PhD student Georg T. Becker of as the winner of its "Best Cyber Security Solution" competition.

November 28, 2012
CyberCity allows government hackers to train for attacks
“The development of a science of cybersecurity could take decades,” Fred B. Schneider, the Samuel B. Eckert professor of computer science at Cornell University and a Pentagon adviser, wrote recently in “The Next Wave,” a nonclassified publication of the National Security Agency. “The sooner we get started, the sooner we will have the basis for a principled set of solutions to the cybersecurity challenge before us.”

November 27, 2012 ACSC
Winner of ACSC’s Best Cyber Security Solution: Georg T. Becker, University of Massachusetts Amherst
The Advanced Cyber Security Center (ACSC), New England’s premier consortium of university, industry, and government leaders collaboratively facing cyber security challenges, has named Georg T. Becker of University of Massachusetts Amherst as the winner of its Best Cyber Security Solution.

November 16, 2012 ACSC
ACSC launches regional agenda to attack cyber threats
Hundreds of thought leaders from government, academia and the tech industry joined together at the Federal Reserve Bank of Boston to discuss the new agenda of the Advanced Cyber Security Center.

November 15, 2012 ACSC
Government, industry leaders share cybersecurity funding priorities
Organizations need to move from a static, perimeter-based approach to a more analytical-based defense strategy, according to experts at the second annual Advanced Cyber Security Center Conference.

November 15, 2012 ACSC
Adequate Attack Data and Threat Information Sharing No Longer a Luxury
While some industry groups such as the Financial Services Information Sharing and Analysis Center (FS-ISAC) and cross-industry groups such as the Advanced Cyber Security Center (ACSC) facilitate the exchange of threat information, for the most part organizations are still hamstrung by legal constraints and other business factors that prevent an adequate flow of actionable information.

November 15, 2012 ACSC
$10+ Million Collaborative University-Industry Research Projects Highlight the Advanced Cyber Security Center Annual Conference
More than 250 leaders from industry, academia, and government joined Gregory Bialecki, Secretary of The Massachusetts Executive Office of Housing and Economic Development today to welcome Dr. Steven King from the U.S. Department of Defense and Scott Tousley from the U.S. Department of Homeland Security for the Advanced Cyber Security Center Annual Conference: Organizing Public-Private Assets to Solve Grand Challenges at the Federal Reserve Bank of Boston.

November 6, 2012
10 IT Security Tips for Small and Midsize Businesses
Security attacks often arrive unannounced, but a well-established security plan and implementation can help mitigate these often costly situations. A recent discussion I had on the IBM for Midsize Businesses group on Linkedin, however, aimed to offer midsize business leaders guidance on how to protect their business, and their data.

November 6, 2012 ACSC
Liberty Mutual Insurance melds regulatory compliance and security awareness
John McKenna of Liberty Mutual speaking about the benefits of collaborating with industry and university members within the ACSC.

October 31, 2012 ACSC
Advanced Cyber Security Center Helps Level the Cyber Playing Field
From its offices at MITRE in Bedford, Mass., the Advanced Cyber Security Center (ACSC) is developing innovative ways to identify, analyze, and respond to cyber threats.

October 29, 2012
Killing the Computer to Save It
Dr. Shrobe argues that because the industry is now in a fundamental transition from desktop to mobile systems, it is a good time to completely rethink computing. But among the biggest challenges is the monoculture of the computer “ecosystem” of desktop, servers and networks, he said.

October 23, 2012
In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back
The attack, intelligence officials say, was a wake-up call. “It proved you don’t have to be sophisticated to do a lot of damage,” said Richard A. Clarke, the former counterterrorism official at the National Security Council. “There are lots of targets in the U.S. where they could do the same thing. The attacks were intended to say: ‘If you mess with us, you can expect retaliation.’ ”

October 11, 2012
Panetta Warns of Dire Threat of Cyberattack on U.S.
Defense Secretary Leon E. Panetta warned Thursday that the United States was facing the possibility of a “cyber-Pearl Harbor” and was increasingly vulnerable to foreign computer hackers who could dismantle the nation’s power grid, transportation system, financial networks and government.

October 1, 2012 ACSC
National Cyber Security Awareness Month 2012
As a proud partner of the U.S. Department of Homeland Security’s national cybersecurity awareness Stop.Think.Connect.TM Campaign, we are happy announce the commencement of National Cyber Security Awareness Month (NCSAM) 2012.

September 28, 2012
Cyber Attacks on U.S. Banks Expose Vulnerabilities
Cyber attacks on the biggest U.S. banks, including JPMorgan Chase & Co. (JPM) and Wells Fargo (WFC) & Co., have breached some of the nation’s most advanced computer defenses and exposed the vulnerability of its infrastructure, said cybersecurity specialists tracking the assaults.

September 24, 2012
Medical Device Security: A Call to Action
A CISO Says FDA Needs to Address the Risks

September 24, 2012 ACSC
30 Issues: Why You Should Care About ... Cybersecurity
The ACSC is somewhat unique. It's been forming for 3 years, and it brings together security experts from area nonprofits, universities and financial services companies — places like Fidelity, John Hancock and State Street Bank.

September 11, 2012
9/11 Haunts Debate Over Cybersecurity
More than a decade after the Sept. 11, 2001, terrorist attacks, the tragedy haunts Washington policymakers who are deadlocked over how to protect the country against cyberattacks.

September 7, 2012
'Elderwood' Crew, Tied to Google Aurora Attack, Targeting Defense, Energy, Finance Companies
The same team that attacked Google in the Aurora campaign in 2009 is still active and has been conducting a long-term campaign targeting defense contractors, financial services companies, energy companies, human rights organizations and government agencies using a seemingly inexhaustible supply of zero day vulnerabilities.

August 31, 2012
Six IT security firms gearing for IPOs
IT security is emerging as one of the Boston area’s commercial technology specialties, with six fast-growing security software firms in the region saying they are eyeing an initial public offering of stock in the next several years.

August 27, 2012 ACSC
Become a mentor for a local high school CyberPatriot team today!
The ACSC is helping to match local high school CyberPatriot teams with mentors who can provide technical expertise.

August 13, 2012
Cybersecurity Tops Federal IT Priorities List
Amid flat IT budgets, government tech teams are focused on establishing a solid, secure foundation, according to our annual survey.

August 13, 2012
Study: Companies remain vulnerable as ever to hackers
Despite well-publicized data­ thefts in recent years, major US companies are as vulnerable as ever to hacker attacks, and many executives say their businesses lack the resources to protect themselves, according to a report from the Waltham-based computer security company CounterTack Inc.

August 11, 2012
Congress' Profound Failure on Cybersecurity
On August 2, 2012 Congress did it again. They acknowledged the looming threat of cyberwarfare while discussing the Cybersecurity Act of 2012, and then they "kicked the can down the road."

August 10, 2012
Dept. of Energy wants electric utilities to create "cybersecurity governance board"
DoE asks utilities for sensitive cybersecurity data, promises to share it anonymously with other utilities

August 7, 2012
How Cyber Security Could Be a Winning Issue for Obama
A blackout in Manhattan. A major dam failure. Mayhem at a chemical plant. Those are all potential, and entirely plausible, consequences of a cyber attack, according to a range of current and former national security officials, including the top American commander in charge of cyber security.

More News